feat(build): add ci_commit_sha to the containers env vars

ref: nofusscomputing/projects/gitlab-ci#49
2025-02-26 21:55:13 +09:30
parent 9c04001d95
commit f2fb6a3540
2 changed files with 57 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -62,3 +62,57 @@ Build/Cache Python Packages:
      allow_failure: true
      when: manual
    - when: never
+
+
+Docker Container:
+  extends: .build_docker_container
+  resource_group: build
+  needs: []
+  script: 
+    - update-binfmts --display
+    - |
+
+      if [ "0$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS" != "0" ]; then
+
+        echo "[DEBUG] building multiarch/specified arch image";
+
+        docker buildx build --platform=$DOCKER_IMAGE_BUILD_TARGET_PLATFORMS . \
+          --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
+          --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
+          --label org.opencontainers.image.source="$CI_PROJECT_URL" \
+          --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
+        --push \
+        --build-arg CI_JOB_TOKEN=$CI_JOB_TOKEN --build-arg CI_PROJECT_ID=$CI_PROJECT_ID --build-arg CI_API_V4_URL=$CI_API_V4_URL \
+        --build-arg CI_COMMIT_SHA=$CI_COMMIT_SHA \
+        --file $DOCKER_DOCKERFILE \
+        --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+        docker buildx imagetools inspect $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+        # during docker multi platform build there are >=3 additional unknown images added to gitlab container registry. cleanup
+        
+        DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG" --format "{{ range .Manifest.Manifests }}{{ if ne (print .Platform) \"&{unknown unknown  [] }\" }}$DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG@{{ println .Digest }}{{end}} {{end}}");
+
+        docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+        docker buildx imagetools inspect $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+      else
+
+        echo "[DEBUG] building image";
+
+        docker build . \
+          --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
+          --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
+          --label org.opencontainers.image.source="$CI_PROJECT_URL" \
+          --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
+          --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
+          --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
+        --build-arg CI_JOB_TOKEN=$CI_JOB_TOKEN --build-arg CI_PROJECT_ID=$CI_PROJECT_ID --build-arg CI_API_V4_URL=$CI_API_V4_URL \
+        --build-arg CI_COMMIT_SHA=$CI_COMMIT_SHA \
+        --file $DOCKER_DOCKERFILE \
+        --tag $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+      
+      docker push $DOCKER_IMAGE_BUILD_REGISTRY/$DOCKER_IMAGE_BUILD_NAME:$DOCKER_IMAGE_BUILD_TAG;
+
+      fi
--- a/3
+++ b/3
@ -2,6 +2,7 @@ ARG release_name=bookworm

 ARG kubernetes_version=1.29

+ARG CI_COMMIT_SHA=""

 FROM --platform=$TARGETPLATFORM quay.io/ansible/receptor:v1.4.4 as receptor

@ -33,7 +34,9 @@ RUN curl -fsSL https://pkgs.k8s.io/core:/stable:/v${kubernetes_version}/deb/Rele

 FROM --platform=$TARGETPLATFORM python:3.11-slim-${release_name}

+ARG CI_COMMIT_SHA

+ENV CI_COMMIT_SHA=${CI_COMMIT_SHA}
 # Ansible chucks a wobbler without. see: https://github.com/ansible/ansible/issues/78283
 ENV LC_ALL en_US.UTF-8